And at some point, AWS or Azure might be considered more secure than servers configured and administered by an organization that doesn't have that as its core competency.
This. Who beat every single private organization with Spectre/Meltdown mitigation? Amazon Web Services.
There is a pervasive myth that servers run by private organizations are more secure than those run by the public cloud providers, and the opposite is actually true. Does your organization receive embargoed information from Intel to mitigate side-channel 0-days before they are publicly announced?
There is a pervasive myth that servers run by private organizations are more secure than those run by the public cloud providers, and the opposite is actually true. Does your organization receive embargoed information from Intel to mitigate side-channel 0-days before they are publicly announced?